Microsoft Teams

Privacy notice

Hart District Council (the Council) processes personal data provided in connection with the use of Microsoft Teams for communication and collaboration purposes in accordance with the UK GDPR. The core capabilities in Microsoft Teams include messaging, calling, video meetings and file sharing.

The Council processes your personal data for organising virtual meetings, conversation chats and phone calls. The personal data is collected and stored in Microsoft’s Cloud servers with the purpose of providing the abovementioned services.

The Council is the Data Controller of the personal data. 

What personal data does the Council process?

The categories/types of personal data processed are the following:

  • content: your meetings and conversation chats, shared files, recordings (recordings capture audio, video and screen sharing activity), attendance and transcriptions
  • profile data: data that is shared within the Council (e.g. name, profile picture, e-mail address etc.)
  • image and/or video: should the meeting be recorded
  • phone numbers: call recordings (if required)
  • call history: a detailed history of the phone calls you make, which allows you to go back and review your own call records
  • call quality data: details of meetings and call data are available to the Council’s IT Services
  • support/Feedback data: information related to troubleshooting tickets or feedback submission to Microsoft
  • diagnostic and service data: diagnostic data related to service usage

In the context of certain meetings, the Council may organise video or audio recording. In the case of video recording, the Council will as much as is possible arrange for an opt-out facility for meeting participants who prefer their images are not recorded.

Please note neither the Council nor Microsoft can control what you share during meetings and conversation chats. Please refrain from using Microsoft Teams to disseminate special category data (sensitive personal data).

Who has access to your personal data?

The personal data is disclosed, under the need to know basis, to the following recipients:

  • relevant Council staff;
  • Microsoft and Microsoft’s processors involved in the data processing necessary to provide the service;
  • Southern Communications Group.

No other third parties will have access to your personal data, except if required by law.

How your information is protected and safeguarded

The Council takes appropriate technical and organisational measures to safeguard and protect your personal data from accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access.

Microsoft Teams data is encrypted in transit and at rest in Microsoft services, between services, and between clients and services.

Data protection rights

For more information on your data protection rights, including how to make a request, visit our Right to Know webpage.

What is the legal basis for processing your data?

The processing of your personal data is necessary for the Council to perform a task in the public interest.

How long will data be kept?

Conversation chats and working are stored for two years. Phone numbers are retained for 30 days.

Where can I get advice?

If you have any worries or questions about how your personal information is handled, please contact our Data Protection Officer using the contact details on this page.